Showing results for tags 'unknown'.

Found 6 results

  1. Hate to waste your time on what is probably paranoia, but this icon is appearing in the popup menu on my taskbar, alongside the Malwarebytes, Java and Bluetooth icons as well as other recognizable images. When I mouse over it, it disappears, which is frustrating, so I was wondering if anybody could tell me what this is. Reverse image search has been no help whatsoever.
  2. Hello, I have found a number of unknown IP addresses in my MWB3 Exclusion list. I have not added any of these manually and was wondering if it's any cause for concern. Many of the addresses lead to unlikely host countries of any of my services, such as Astana, Kazakhstan. One example IP address given below is listed on projecthoneypot.org as a spammer/hijacked address
  3. Hi! Following the steps to try to solve this; My your FRST, Additions, and Malwarebytes Threat Scan logs. Ty already, I'll wait for the help. Addition.txt AdwCleaner[S8].txt FRST.txt
  4. I seem to have acquired a rather nasty Bitcoin miner (or I assume that's what it is). It seems to generate a random name and create a folder in Appdata/Low which I cannot access due to an access denied. It asks for administrator rights which when provided it still says access denied (these are my personal machines. I'm the only admin). I tried to take ownership via file security but I always get an access denied error and it says the current owner is unknown. It creates multiple threads using the same name as the folder it created which I cannot affect in any way. I can't kill them or restrict their priority level. I also cannot open the containing folder due to the aforementioned admin issue.

     It seems to constantly max out either 1 or 2 cores on and off. It drops down to no usage for 30 seconds to 2 minutes on a regular basis. I'm not sure what it's doing as I don't get a spike in network traffic. Based on how the performance hit affects my system I suspect these processes have given themselves above average priority. The virus seems to have spread to my Laptop and HTPC via my network since there isn't any download I've made that the 3 of them have in common.

     The processes have in common only that they identify themselves as "Windows Process Manager" in the description bar and that whenever the file name of the current process is googled it always seems to be listed on the page of a spam redirect webpage:

     * www.discopoints.org/?postfix=CB&prefix=WE

     I suspect that web portal acts as some sort of homing device since every filename they've taken so far has been on that webpage. The hard part is I can't find out how to remove the virus because I don't know the name or strain of the virus due to it creating randomly named folders. MalwareBytes Anti Malware (which is supposedly the best at detecting Malware) never detects it even when I specifically tell it to scan the aforementioned folders. It doesn't seem to be using my GPU. Only my CPU.

     So far the process names I've seen are:

     * nvbtcis
     * weklacb
     * aurpmwc
     * nvczsrmsvc

     It's also always accompanied by a process that describes itself as "Printer Driver Host":

     * dtmcbpx

     They are always 32-bit processes. Each instance of the main mining process seems to use between 20 and 100MB of RAM depending on the age of the process. Do any of you recognize this behavior? If I can find out what virus I'm dealing with I can likely find instructions on its removal. I've never seen a virus that takes this degree of control over my systems.

     * Edit: Both systems are running Windows 7 Ultimate SP1 64-bit
     * Edit 2: I also tried booting to Linux Live to view the folders. Under Linux the folders appeared as empty. I tried deleting them so I could boot back into Windows and create my own folders in a read only state so they couldn't re-replicate themselves. By the time I was into Explorer they had already been taken over by the virus again.
     * Edit 3: I've noticed it has the digital signature of a company called Jetbrains S.R.O. so I've sent them an email to see if they know anything about this. I assume they won't be happy that their digital signature is on a virus program.
     * Edit 4: Reinstalling my OS isn't an option. It would take months to reinstall all my software. We're talking 3+ year old installs with TBs of data.

     It was suggested I try posting here. Neither MalwareBytes nor Avast have been able to successfully remove this virus. Avast's BootScan just threw out a data error and was unable to correctly delete the files. RKill didn't kill it.
  5. A bunch of weird things is happening: Restarting at random points. Also, now I noticed a way to get past it, by clicking on the icon on macOS, but now it is not working. Mail seems weird with notifications fading. I am on version macOS 10.12.6
  6. Malwarebytes is displaying boxes identifying imp.paradiskus.com as a malicious website at 45 63 51 59. I never heard of that website before, this started about 01/22/18, and cannot figure out how to get rid of the attempts to contact me. WARNINGS OCCUR INSTANTLY WHEN I LOG ON TO GMAIL ON MY HP LAPTOP. Help with this would be greatly appreciated!!!!